Fixes the authenticator API to deny access if nil is returned from the
authenticator block. Without this patch, the nil gets to_s'd to "" and
an empty password would be accepted.
Backported to rack-1.1.
Signed-off-by: Christian Neukirchen <chneukirchen@gmail.com>